Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-4847 | 1 Siemens | 1 Simatic Wincc Oa Operator | 2024-11-21 | N/A |
| A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4). Insufficient protection of sensitive information (e.g. session key for accessing server) in Siemens WinCC OA Operator iOS app could allow an attacker with physical access to the mobile device to read unencrypted data from the app's directory. Siemens provides mitigations to resolve the security issue. | ||||
| CVE-2018-20932 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406). | ||||
| CVE-2018-16970 | 1 Wisetail | 1 Learning Management System | 2024-11-21 | N/A |
| Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter. | ||||
| CVE-2018-11798 | 2 Apache, Redhat | 3 Thrift, Jboss Data Virtualization, Jboss Fuse | 2024-11-21 | N/A |
| The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path. | ||||
| CVE-2018-10590 | 1 Advantech | 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more | 2024-11-21 | N/A |
| In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. | ||||
| CVE-2017-5387 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51. | ||||
| CVE-2017-16770 | 1 Synology | 1 Surveillance Station | 2024-11-21 | N/A |
| File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other user's sensitive files via the filename parameter. | ||||